package com.pgytesting.mobilecertpay.util;

import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;


/**
 * @version v1.0
 * @ProjectName: ThreeNewBoard
 * @ClassName: RSAUtils
 * @Description: TODO(RSA加解密 ， 输出公钥私钥)
 * @Author: sunbo@pgytesting.cn
 * @Date: 2019/1/23 17:36
 */
@Slf4j
public class RSAUtils {
    private static final String CHARSET = "UTF-8";
    private static final String RSA_ALGORITHM = "RSA";

    /**
     * BASE64解密
     *
     * @param key
     * @return
             * @throws Exception
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        return (new BASE64Decoder()).decodeBuffer(key);
    }

    /**
     * BASE64加密
     *
     * @param key
     * @return
     * @throws Exception
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return (new BASE64Encoder()).encodeBuffer(key);
    }


    public static Map<String, String> createKeys() throws Exception {

        //为RSA算法创建一个KeyPairGenerator对象
        KeyPairGenerator kpg;
        try {
            kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
        }
        //初始化KeyPairGenerator对象,密钥长度
        kpg.initialize(1024, new SecureRandom());
        //生成密匙对
        KeyPair keyPair = kpg.generateKeyPair();
        //得到公钥
        String publicKeyStr = encryptBASE64(keyPair.getPublic().getEncoded());
        //得到私钥
        String privateKeyStr = encryptBASE64(keyPair.getPrivate().getEncoded());

        Map<String, String> keyPairMap = new HashMap<>();
        keyPairMap.put("publicKey", publicKeyStr.replaceAll("(\r\n|\r|\n|\n\r)", ""));
        keyPairMap.put("privateKey", privateKeyStr.replaceAll("(\r\n|\r|\n|\n\r)", ""));

        return keyPairMap;

    }


    /**
     * 得到公钥
     *
     * @param publicKey 密钥字符串（经过base64编码）
     * @throws Exception
     */
    public static RSAPublicKey getPublicKey(String publicKey) throws Exception {
        //通过X509编码的Key指令获得公钥对象
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(publicKey));
        RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
        return key;
    }

    /**
     * 得到私钥
     *
     * @param privateKey 密钥字符串（经过base64编码）
     * @throws Exception
     */
    public static RSAPrivateKey getPrivateKey(String privateKey) throws Exception {
        //通过PKCS#8编码的Key指令获得私钥对象
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(privateKey));
        RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
        return key;

    }


    /**
     * 公钥加密
     *
     * @param data 需要加密的数据
     * @param StrPublicKey 公钥字符串
     * @return
     */
    public static String publicEncrypt(String data, String StrPublicKey) {
        try {
            RSAPublicKey publicKey = getPublicKey(StrPublicKey);
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
        } catch (Exception e) {
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        }
    }


    /**
     * 私钥解密
     *
     * @param data 需要解密的数据
     * @param StrPrivateKey 私钥字符串
     * @return
     */

    public static String privateDecrypt(String data, String StrPrivateKey) {
        try {
            RSAPrivateKey privateKey = getPrivateKey(StrPrivateKey);
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
        } catch (Exception e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 私钥加密
     *
     * @param data 需要加密的数据
     * @param StrPrivateKey 私钥字符串
     * @return
     */
    public static String privateEncrypt(String data, String StrPrivateKey) {
        try {
            RSAPrivateKey privateKey = getPrivateKey(StrPrivateKey);
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
        } catch (Exception e) {
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 公钥解密
     *
     * @param data 需要解密的数据
     * @param StrPublicKey 私钥字符串
     * @return
     */

    public static String publicDecrypt(String data, String StrPublicKey) {
        try {
            RSAPublicKey publicKey = getPublicKey(StrPublicKey);
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, publicKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
        } catch (Exception e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
        int maxBlock = 0;
        if (opmode == Cipher.DECRYPT_MODE) {
            maxBlock = keySize / 8;
        } else {
            maxBlock = keySize / 8 - 11;
        }
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offSet = 0;
        byte[] buff;
        int i = 0;
        try {
            while (datas.length > offSet) {
                if (datas.length - offSet > maxBlock) {
                    buff = cipher.doFinal(datas, offSet, maxBlock);
                } else {
                    buff = cipher.doFinal(datas, offSet, datas.length - offSet);
                }
                out.write(buff, 0, buff.length);
                i++;
                offSet = i * maxBlock;
            }
        } catch (Exception e) {
            throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
        }
        byte[] resultDatas = out.toByteArray();
        IOUtils.closeQuietly(out);
        return resultDatas;
    }


    /**
     * 分段解密
     *
     * @param privateKey 私钥
     * @param data 加密后的数据
     * @return
     */
    public static String  getSegDecryption(String privateKey,String data){
        StringBuilder encryptionData = new StringBuilder();
        for (int i = 0; i < data.length(); i+=172) {
            String str = data.substring(i,i+172);
            log.info("正在解密密文：" + str);
            encryptionData.append(RSAUtils.privateDecrypt(str,privateKey));
        }
        return encryptionData.toString();
    }


}